Your Data Under Your Control


Privacy & Ex Libris

Ex Libris understands how important privacy is to you.  The personal data you entrust to us belongs to you; we process it according to our Privacy Policy. If your personal information is provided by our customers for using our products, we process it only according to our agreements we have with those customers.  As part of our continuous efforts to protect your personal data, we have adopted privacy by design precepts throughout our organization, from development through operations.

Read our Privacy Policy >

Should you have questions about how we safeguard your privacy, contact our Privacy Officer, Ellen Amsel (CIPM, CISSP, CISM, CISA), at



Session & User Input Cookies

When you register with an Ex Libris site, we generate cookies that signal whether you are signed in. Our servers use these cookies to know which account you are signed in with, and if you are allowed access to a particular service. They also allow us to associate any comments you post with your username. If you have not selected “keep me signed in,” your cookies are deleted when you either close your browser or shut down your computer.

For more information regarding session cookies and cookies on our corporate sites, please see our cookie policy.



The General Data Protection Regulation (GDPR)

On May 25, 2018, a new privacy law called the General Data Protection Regulation (GDPR) began to apply in the European Union (EU).  The GDPR replaces the Data Protection Directive (the Directive) which has been in effect since 1995. While the GDPR preserves many of the principles established in the Directive, the GDPR gives individuals greater control over their personal data and imposes many new obligations on organizations that collect, handle, or process personal data.

Ex Libris is committed to GDPR compliance. We have closely analyzed the requirements of the GDPR, and our engineering, product, security and legal teams have been working to align our procedures, documentation, contracts, and services to support compliance with the GDPR.  We also support our customers during their GDPR compliance journey with our strong foundation of implemented security and privacy frameworks and certified security and privacy controls.

More about Ex Libris and GDPR >


Data Processing Addendum

As part of Ex Libris efforts to prepare for the GDPR, Ex Libris has published a Data Processing Addendum (DPA) for each of our product groups to incorporate the appropriate terms required by the GDPR into the relevant customer agreements. The DPAs have been created under the supervision of EU privacy experts and are designed to comply with the GDPR and to reflect the specific details of the data processing activities within Ex Libris’ services. All customers that are processing personal data that is subject to the GDPR through Ex Libris services should download, sign, and return the appropriate product DPA to allow both the customer and Ex Libris to comply with the DPA requirements of the GDPR.

Download a copy of our GDPR Data Processing Addendum >



EU-US and Swiss-US Privacy Shield Frameworks

Ex Libris complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Ex Libris has certified to the Department of Commerce that it adheres to the Privacy Shield Principles.

To learn more about the Privacy Shield program, and to view our certification, please visit


ISO 27018:2014 Certified – Protection of Personally Identifiable Information

This ISO standard establishes commonly accepted control objectives, controls, and guidelines for implementing measures to protect Personally Identifiable Information (PII) in accordance with the privacy principles in ISO/IEC 29100 for the public cloud computing environment.

Ex Libris complies with this standard and is ISO 27018 certified.  This standard was originally published in 2014, and Ex Libris has been certified since 2016.

More about ISO 27018:2014 >